The US justice department on Wednesday, announced the arrest and extradition of a top Chinese intelligence officer, on charges of economic espionage and attempting to steal trade secrets from several U.S aviation and aerospace companies. However, top officials in the U.S infosec industry believe that the arrest may spark an increase in Chinese cyberattacks in the coming months.
The suspect, Yanjun Xu, is a high-ranking director in China’s Ministry of State Security (MSS) - the country’s counter-intelligence and foreign intelligence agency. According to security experts at Recorded Future, and the shadowy group Intrusion Truth, the MSS is responsible for managing China’s cyberespionage operations.
“China is actively engaging in targeted and persistent intrusion attempts against multiple sectors of the economy, including biotech, defense, mining, pharmaceutical, professional services, transportation and more,” CrowdStrike CTO Dmitri Alperovitch told ZDNet.
According to the justice department, Xu, the deputy division director for the State Security Department of China’s Jiangsu province, targeted several U.S aerospace companies including GE Aviation, a subsidiary of General Electic Co. The justice department did not provide names of the two other firms targeted, of which, one is considered to be the world’s largest aerospace firm, and a leading manufacturer of commercial jetliners and defense, space and security systems. The other targeted firm is an industry leader in unmanned aerial vehicle technology.
“This unprecedented extradition of a Chinese intelligence officer exposes the Chinese government’s direct oversight of economic espionage against the United States,” Bill Priestap, assistant director of the FBI, said in a statement.
“It is part of an overall economic policy of developing China at American expense,” said John Demers, the assistant U.S attorney general for national security. “We cannot tolerate a nation stealing our firepower and the fruits of our brainpower.”
Both the US and China agreed to cease all hacking operations focusing on intellectual property (IP) in the autumn of 2015, when US president Barack Obaman and Chinese President Xi, signed a political agreement. Later, in 2016, a FireEye report stated that China appeared to have stopped all major operations related to IP theft.
However, the agreement appears to have dissolved after Donald Trump became president. During the Trump administration’s short tenor, diplomatic relations between the two countries have broken down and a trade war appears to be slowing unveiling.
In March 2018, the Trump administration also accused China of breaking the Obama-Xi hacking agreement. As proof of the violation, the US Department of Treasury investigation detailed in a 215-page report, listing several Chinese hacking operations that took place after the signing of the agreement. CrowdStrike also released report confirming the government’s 215-page report.
The official statement published by the U.S Department of Justice provides more details about Xu’s indictment and insider recruitment tactics, as well as other details relating to the arrest of top MSS officials in Belgium on April 1, this year.